package com.b2b.message.admin.shiro.filter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;

import com.b2b.message.admin.bean.UserBean;

/**
 * 判断是否记住登录状态拦截器
 * @author gongtianpei
 *
 */
public class ValidRememberMeFilter extends AccessControlFilter
{
	@Override
	protected boolean isAccessAllowed(ServletRequest request,
			ServletResponse response, Object mappedValue) throws Exception
	{
		return false;
	}

	@Override
	protected boolean onAccessDenied(ServletRequest request,
			ServletResponse response) throws Exception
	{
		Subject subject = getSubject(request, response);
		//未认证登录并且记住登录状态
		if(!subject.isAuthenticated()&&subject.isRemembered()){
			UserBean userBean = (UserBean) subject.getPrincipal();
			UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(userBean.getMobile(), "q1w2e3r4");
			usernamePasswordToken.setRememberMe(true);
			subject.login(usernamePasswordToken);
		}
		return true;
	}

}
